Doesn't /dev/urandom have exactly the same DOS properties as /dev/random? I.e. it reads real random numbers until the entropy pool is empty, then starts returning pseudo-random numbers? If so, things on the host will still hang when they then try to read /dev/random.

Also, UML processes deserve cryptographically secure numbers just as much as host processes do. When something opens /dev/random, /dev/random is exactly what it should get.